The global shift to remote work during the COVID-19 pandemic significantly widened our cyber threat landscape, leaving many organisations exposed. A notable case was the successful breach of ESS corporate network by a recognised ransomware group that executed credential stuffing attack. During the 8th Control System Cyber-Security workshop we plan to examine this incident, focusing on the...
A new CERN IT governance model was put in place in 2021 between the CERN IT department and the Accelerator and Technology Sector (ATS) in view of preparing the Accelerator control system infrastructure for the LHC high luminosity era. Flagship projects such as the adoption of containerization technology and orchestrators or the review of the network isolation for Accelerator control offer...
We describe a program at SLAC to truly understand accelerator cyber
vulnerabilities as they exist at SLAC and similar facilities, improve
accelerator cyber security generally, engage the U.S. Dept. of Energy in
collaboration and funding, and provide the concomitant upgrades to
EPICS Base for the accelerator community.
A presentation of the 2 years implementation plan primarily undertaken by Osprey DCS, SLAC and ORNL and funded by the US Department of Energy
The plan wll update PVXS (C++) and core-pva (Java, in CS-Studio/Phoebus) to support secure network connections based on the industry standard Transport Layer Security (TLS) technology. PVA clients that search for PV names will be able to indicate...
Many distributed version control platforms utilizing open-source worldwide collaboration, such as GitLab and GitHub, have built-in mechanisms allowing for robust version-control and smooth automation via e.g. pipelines. At some large-scale research facilities, some also trigger automatic deployments of the latest version of the software to clients otherwise isolated on private networks –...
